In 2018, Cylance® observed a decline in overall ransomware attacks, an increase in malicious coinminers, and a marked evolution of popular threats like Emotet. Overall malware attacks rose by 10% as attackers continued to hone their tools, skills, and tactics to threaten Windows, macOS, and various IoT platforms.

Coinminers offer profit-driven threat actors certain advantages over ransomware, which Cylance believes were leading factors in their increase in popularity. First, they operate quietly by hijacking system processing resources for mining cryptocurrencies like Bitcoin, often without alerting the victim. Second, attackers can repurpose Coinhive – a tool intended to create alternative revenue streams for website owners – to install coinminers on victims’ browsers without consent.

This year’s report offers some insight into why the combination of readily available tools, the ability to conduct discreet operations, and the chance to reap the benefits of hassle-free payouts made coinmining very popular among threat actors in 2018.